2 Replies Latest reply on Jan 28, 2013 9:32 AM by nfilotto

    How to configure SSO login for GateIn 3.4 & JBoss AS 7?

    halbert

      There is documentation that explains how to configure GateIn 3.2 with JBoss AS 6, but it does not fit JBoss AS 7 with GateIn 3.4. After searching the documentation, I configured standalone.xml as follows:

      1) change standalone.xml

       


      <!-- JAAS security domain "gatein-domain" as posted in this thread. The login
           modules below are consulted in document order, and every module flagged
           "required" has to succeed for the login to be accepted. Each module is
           given the same two options, portalContainerName and realmName.
           NOTE(review): the TRACE dump further down reports size=5 for this domain
           and lists SSOLoginModule at index [1], ahead of SharedStateLoginModule,
           and the first stack trace goes through DefaultLoginModule, which is not
           declared here. The running server may therefore be using a different
           configuration than this snippet; confirm which standalone.xml it loaded. -->
      <security-domain name="gatein-domain" cache-type="default">

      <authentication>

      <!-- flag="optional": a failure of this module does not, on its own, reject the login. -->
      <login-module code="org.gatein.wci.security.WCILoginModule" flag="optional">

      <module-option name="portalContainerName" value="portal"/>

      <module-option name="realmName" value="gatein-domain"/>

      </login-module>

      <!-- flag="required". The second stack trace shows this module throwing
           LoginException ("Login failed for demo") from
           OrganizationAuthenticatorImpl.validateUser.
           NOTE(review): presumably it checks the submitted credential against the
           portal's own user store, which an SSO login would not satisfy; check the
           SSO chapter of the reference guide for this GateIn version on whether it
           belongs in the stack. -->
      <login-module code="org.exoplatform.services.security.jaas.SharedStateLoginModule" flag="required">

      <module-option name="portalContainerName" value="portal"/>

      <module-option name="realmName" value="gatein-domain"/>

      </login-module>

      <!-- flag="required". The log shows "SSOLogin Failed. Credential Not Found!!"
           coming from this class.
           NOTE(review): in an SSO stack this module decides whether an externally
           asserted identity is accepted. If the password-checking modules are ever
           removed, make sure the agent really validates the ticket with the CAS
           server before a session is created; that configuration is not shown here. -->
      <login-module code="org.gatein.sso.agent.login.SSOLoginModule" flag="required">

      <module-option name="portalContainerName" value="portal"/>

      <module-option name="realmName" value="gatein-domain"/>

      </login-module>

      <!-- flag="required"; last module in the stack. What it contributes to the
           login is not visible from this post. -->
      <login-module code="org.exoplatform.services.security.j2ee.JbossLoginModule" flag="required">

      <module-option name="portalContainerName" value="portal"/>

      <module-option name="realmName" value="gatein-domain"/>

      </login-module>






      </authentication>

      </security-domain>

       

      2) copy cas-client-core-3.1.9.jar,sso-auth-callback-1.1.2-Beta02.jar,sso-agent-1.1.2-Beta02.jar to   E:\GateIn-3.4-jbossas7\gatein\deployments\gatein.ear\lib

      3) Configure the client portal.war and web.war as described in the reference guide: http://docs.jboss.com/gatein/portal/3.4.0.M01/reference-guide/en-US/html_single/index.html#sect-Reference_Guide-Single_Sign_On-CAS_Central_Authentication_Service

      4) Start JBoss AS 7 and log in through the CAS server.

      5) The following exception is logged:

       

      09:06:45,457 ERROR [org.gatein.sso.agent.login.SSOLoginModule] (http--127.0.0.1-8080-11) ---------------------------------------------------------

      09:06:45,457 ERROR [org.gatein.sso.agent.login.SSOLoginModule] (http--127.0.0.1-8080-11) SSOLogin Failed. Credential Not Found!!

      09:06:45,457 ERROR [org.gatein.sso.agent.login.SSOLoginModule] (http--127.0.0.1-8080-11) ---------------------------------------------------------

      09:06:45,477 ERROR [org.jboss.security.authentication.JBossCachedAuthenticationManager] (http--127.0.0.1-8080-11) Login failure: javax.security.auth.login.LoginException: Login failed for demo

          at org.exoplatform.services.security.jaas.DefaultLoginModule.login(DefaultLoginModule.java:136) [exo.core.component.security.core-2.4.6-GA.jar:2.4.6-GA]

          at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.7.0_06]

          at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) [rt.jar:1.7.0_06]

          at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [rt.jar:1.7.0_06]

          at java.lang.reflect.Method.invoke(Method.java:601) [rt.jar:1.7.0_06]

          at javax.security.auth.login.LoginContext.invoke(LoginContext.java:784) [rt.jar:1.7.0_06]

          at javax.security.auth.login.LoginContext.access$000(LoginContext.java:203) [rt.jar:1.7.0_06]

          at javax.security.auth.login.LoginContext$4.run(LoginContext.java:698) [rt.jar:1.7.0_06]

          at javax.security.auth.login.LoginContext$4.run(LoginContext.java:696) [rt.jar:1.7.0_06]

          at java.security.AccessController.doPrivileged(Native Method) [rt.jar:1.7.0_06]

          at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:695) [rt.jar:1.7.0_06]

          at javax.security.auth.login.LoginContext.login(LoginContext.java:594) [rt.jar:1.7.0_06]

          at org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:449) [picketbox-infinispan-4.0.6.final.jar:4.0.6.final]

          at org.jboss.security.authentication.JBossCachedAuthenticationManager.proceedWithJaasLogin(JBossCachedAuthenticationManager.java:383) [picketbox-infinispan-4.0.6.final.jar:4.0.6.final]

          at org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:371) [picketbox-infinispan-4.0.6.final.jar:4.0.6.final]

          at org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:160) [picketbox-infinispan-4.0.6.final.jar:4.0.6.final]

          at org.jboss.as.web.security.JBossWebRealm.authenticate(JBossWebRealm.java:215) [jboss-as-web-7.1.0.Final.jar:7.1.0.Final]

          at org.apache.catalina.authenticator.AuthenticatorBase.login(AuthenticatorBase.java:324) [jbossweb-7.0.10.Final.jar:]

          at org.apache.catalina.connector.Request.login(Request.java:3252) [jbossweb-7.0.10.Final.jar:]

          at org.apache.catalina.connector.RequestFacade.login(RequestFacade.java:1082) [jbossweb-7.0.10.Final.jar:]

          at javax.servlet.http.HttpServletRequestWrapper.login(HttpServletRequestWrapper.java:323) [jboss-servlet-api_3.0_spec-1.0.0.Final.jar:1.0.0.Final]

          at org.gatein.wci.jboss.JB7ServletContainerContext.login(JB7ServletContainerContext.java:159) [wci-jboss7-2.2.0-Beta02.jar:2.2.0-Beta02]

          at org.gatein.wci.impl.DefaultServletContainer.login(DefaultServletContainer.java:109) [wci-wci-2.2.0-Beta02.jar:2.2.0-Beta02]

          at org.exoplatform.web.login.InitiateLoginServlet.doGet(InitiateLoginServlet.java:111) [exo.portal.component.web.security-3.4.0.M01.jar:3.4.0.M01]

          at javax.servlet.http.HttpServlet.service(HttpServlet.java:734) [jboss-servlet-api_3.0_spec-1.0.0.Final.jar:1.0.0.Final]

          at org.exoplatform.container.web.AbstractHttpServlet.onService(AbstractHttpServlet.java:183) [exo.kernel.container-2.3.6-GA-JBAS7.jar:2.3.6-GA-JBAS7]

          at org.exoplatform.container.web.AbstractHttpServlet.service(AbstractHttpServlet.java:132) [exo.kernel.container-2.3.6-GA-JBAS7.jar:2.3.6-GA-JBAS7]

          at javax.servlet.http.HttpServlet.service(HttpServlet.java:847) [jboss-servlet-api_3.0_spec-1.0.0.Final.jar:1.0.0.Final]

          at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:329) [jbossweb-7.0.10.Final.jar:]

          at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248) [jbossweb-7.0.10.Final.jar:]

          at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:734) [jbossweb-7.0.10.Final.jar:]

          at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:541) [jbossweb-7.0.10.Final.jar:]

          at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:479) [jbossweb-7.0.10.Final.jar:]

          at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:407) [jbossweb-7.0.10.Final.jar:]

          at org.apache.catalina.authenticator.FormAuthenticator.forwardToLoginPage(FormAuthenticator.java:362) [jbossweb-7.0.10.Final.jar:]

          at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:265) [jbossweb-7.0.10.Final.jar:]

          at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:455) [jbossweb-7.0.10.Final.jar:]

          at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:154) [jboss-as-web-7.1.0.Final.jar:7.1.0.Final]

          at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155) [jbossweb-7.0.10.Final.jar:]

          at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [jbossweb-7.0.10.Final.jar:]

          at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [jbossweb-7.0.10.Final.jar:]

          at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368) [jbossweb-7.0.10.Final.jar:]

          at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) [jbossweb-7.0.10.Final.jar:]

          at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:671) [jbossweb-7.0.10.Final.jar:]

          at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930) [jbossweb-7.0.10.Final.jar:]

          at java.lang.Thread.run(Thread.java:722) [rt.jar:1.7.0_06]

       

      09:06:45,507 TRACE [org.jboss.security.authentication.JBossCachedAuthenticationManager] (http--127.0.0.1-8080-11) End isValid, false

      09:06:45,507 TRACE [org.jboss.as.web.security] (http--127.0.0.1-8080-11) End invoke, caller=null

      09:06:45,507 TRACE [org.jboss.security.SecurityRolesAssociation] (http--127.0.0.1-8080-11) Setting threadlocal:null

      09:06:45,517 TRACE [org.jboss.as.web.security] (http--127.0.0.1-8080-11) Begin invoke, caller=null

      09:06:45,517 TRACE [org.jboss.security.authentication.JBossCachedAuthenticationManager] (http--127.0.0.1-8080-11) Begin isValid, principal:demo, cache entry: null

      09:06:45,517 TRACE [org.jboss.security.authentication.JBossCachedAuthenticationManager] (http--127.0.0.1-8080-11) defaultLogin, principal=demo

      09:06:45,517 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] (http--127.0.0.1-8080-11) Begin getAppConfigurationEntry(gatein-domain), size=5

      09:06:45,517 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] (http--127.0.0.1-8080-11) End getAppConfigurationEntry(gatein-domain), authInfo=AppConfigurationEntry[]:

      [0]

      LoginModule Class: org.gatein.wci.security.WCILoginModule

      ControlFlag: LoginModuleControlFlag: optional

      Options:

      name=realmName, value=gatein-domain

      name=portalContainerName, value=portal

      [1]

      LoginModule Class: org.gatein.sso.agent.login.SSOLoginModule

      ControlFlag: LoginModuleControlFlag: required

      Options:

      name=realmName, value=gatein-domain

      name=portalContainerName, value=portal

      [2]

      LoginModule Class: org.exoplatform.services.security.jaas.SharedStateLoginModule

      ControlFlag: LoginModuleControlFlag: required

      Options:

      name=realmName, value=gatein-domain

      name=portalContainerName, value=portal

      [3]

      LoginModule Class: org.exoplatform.services.security.j2ee.JbossLoginModule

      ControlFlag: LoginModuleControlFlag: required

      Options:

      name=realmName, value=gatein-domain

      name=portalContainerName, value=portal

       

      09:06:45,568 ERROR [org.jboss.security.authentication.JBossCachedAuthenticationManager] (http--127.0.0.1-8080-11) Login failure: javax.security.auth.login.LoginException: Login failed for demo

          at org.exoplatform.services.security.jaas.SharedStateLoginModule.login(SharedStateLoginModule.java:82) [exo.core.component.security.core-2.4.6-GA.jar:2.4.6-GA]

          at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.7.0_06]

          at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) [rt.jar:1.7.0_06]

          at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [rt.jar:1.7.0_06]

          at java.lang.reflect.Method.invoke(Method.java:601) [rt.jar:1.7.0_06]

          at javax.security.auth.login.LoginContext.invoke(LoginContext.java:784) [rt.jar:1.7.0_06]

          at javax.security.auth.login.LoginContext.access$000(LoginContext.java:203) [rt.jar:1.7.0_06]

          at javax.security.auth.login.LoginContext$4.run(LoginContext.java:698) [rt.jar:1.7.0_06]

          at javax.security.auth.login.LoginContext$4.run(LoginContext.java:696) [rt.jar:1.7.0_06]

          at java.security.AccessController.doPrivileged(Native Method) [rt.jar:1.7.0_06]

          at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:695) [rt.jar:1.7.0_06]

          at javax.security.auth.login.LoginContext.login(LoginContext.java:594) [rt.jar:1.7.0_06]

          at org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:449) [picketbox-infinispan-4.0.6.final.jar:4.0.6.final]

          at org.jboss.security.authentication.JBossCachedAuthenticationManager.proceedWithJaasLogin(JBossCachedAuthenticationManager.java:383) [picketbox-infinispan-4.0.6.final.jar:4.0.6.final]

          at org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:371) [picketbox-infinispan-4.0.6.final.jar:4.0.6.final]

          at org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:160) [picketbox-infinispan-4.0.6.final.jar:4.0.6.final]

          at org.jboss.as.web.security.JBossWebRealm.authenticate(JBossWebRealm.java:215) [jboss-as-web-7.1.0.Final.jar:7.1.0.Final]

          at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:280) [jbossweb-7.0.10.Final.jar:]

          at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:381) [jbossweb-7.0.10.Final.jar:]

          at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:154) [jboss-as-web-7.1.0.Final.jar:7.1.0.Final]

          at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155) [jbossweb-7.0.10.Final.jar:]

          at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [jbossweb-7.0.10.Final.jar:]

          at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [jbossweb-7.0.10.Final.jar:]

          at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368) [jbossweb-7.0.10.Final.jar:]

          at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) [jbossweb-7.0.10.Final.jar:]

          at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:671) [jbossweb-7.0.10.Final.jar:]

          at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930) [jbossweb-7.0.10.Final.jar:]

          at java.lang.Thread.run(Thread.java:722) [rt.jar:1.7.0_06]

      Caused by: javax.security.auth.login.LoginException: Login failed for demo

          at org.exoplatform.services.organization.auth.OrganizationAuthenticatorImpl.validateUser(OrganizationAuthenticatorImpl.java:155) [exo.core.component.organization.api-2.4.6-GA.jar:2.4.6-GA]

          at org.exoplatform.services.security.jaas.SharedStateLoginModule.login(SharedStateLoginModule.java:70) [exo.core.component.security.core-2.4.6-GA.jar:2.4.6-GA]

          ... 27 more

       

      09:06:45,599 TRACE [org.jboss.security.authentication.JBossCachedAuthenticationManager] (http--127.0.0.1-8080-11) End isValid, false

      09:06:45,739 TRACE [org.jboss.as.web.security] (http--127.0.0.1-8080-11) End invoke, caller=null

      09:06:45,739 TRACE [org.jboss.security.SecurityRolesAssociation] (http--127.0.0.1-8080-11) Setting threadlocal:null

      09:06:45,755 TRACE [org.jboss.as.web.security] (http--127.0.0.1-8080-11) Begin invoke, caller=null

      09:06:45,755 TRACE [org.jboss.as.web.security] (http--127.0.0.1-8080-11) End invoke, caller=null

      09:06:45,755 TRACE [org.jboss.security.SecurityRolesAssociation] (http--127.0.0.1-8080-11) Setting threadlocal:null